CWE-500: Public Static Field Not Marked Final

VariantDraftExploit Likelihood: High

An object contains a public static field that is not marked final, which might allow it to be modified in unexpected ways.

View on MITRE
Back to CWE Lookup

Extended Description

Public static variables can be read without an accessor and changed without a mutator by any classes in the application.

Technical Details

Structure
Simple

Applicable To

Languages
C++Java
Platforms

Learn More

Find Related CVEs

Search for vulnerabilities that exploit CWE-500

CVE vs CWE: What's the Difference?

Understanding vulnerabilities vs weaknesses

Understanding CVSS Scoring

How vulnerability severity is measured

View Full MITRE Entry

Complete technical details and references